Exam SC-200 Topic 2 Question 22 Discussion
Actual exam question for Microsoft's SC-200 exam
Question #: 22
Topic #: 2
Question #: 22
Topic #: 2
You have a Microsoft 365 subscription that uses Microsoft Defender for Endpoint Plan 1 and contains a macOS device named Device1.
You need to investigate a Defender for Endpoint agent alert on Device1. The solution must meet the following requirements:
* Identify all the active network connections on Device1.
* Identify all the running processes on Device1.
* Retrieve the login history of Device1.
* Minimize administrative effort.
What should you do first from the Microsoft Defender portal?
You need to investigate a Defender for Endpoint agent alert on Device1. The solution must meet the following requirements:
* Identify all the active network connections on Device1.
* Identify all the running processes on Device1.
* Retrieve the login history of Device1.
* Minimize administrative effort.
What should you do first from the Microsoft Defender portal?
Suggested Answer: D Vote an answer
by Mona at Jun 12, 2026, 07:19 PM
0
0
0
10
Comments
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Report Comment
Commenting
You can sign-up / login (it's free).